Académique Documents
Professionnel Documents
Culture Documents
Internet
SIP and NAT Traversal
Sven Ehlert
Next Generation Network Infrastructures
Fraunhofer FOKUS
Response
SIP/2.0 200 OK
Message
Header
Fields
Content-Length: 147
Content-Length: 134
v=0
o=UserA 2890844526 2890844526 IN IP4 here.com
s=Session SDP
c=IN IP4 100.101.102.103
t=0 0
m=audio 49172 RTP/AVP 0
a=rtpmap:0 PCMU/8000
Payload
v=0
o=UserB 2890844527 2890844527 IN IP4 there.com
s=Session SDP
c=IN IP4 110.111.112.113
t=0 0
m=audio 3456 RTP/AVP 0
a=rtpmap:0 PCMU/8000
NAT Introduction
Benefits
Scenarios
NAT Details
192.168.1.10:80
1.2.3.4:10080
Internal IP
192.168.1.1
External IP
1.2.3.4
NAT
192.168.1.11:80
1.2.3.4:20080
NAT Classification
Full Cone
Restricted Cone
Symmetric NAT
Contact
Source
User Client
Contact
Target
A:200.10.0.1
P:20100
A:192.168.1.10
P:8000
A:100.0.0.1
P:12000
A:200.20.0.1
P:20200
A:200.10.0.1
P:20100
A:192.168.1.10
P:8000
A:100.0.0.1
P:12000
Restricted NAT
A:200.10.0.1
P:20100
A:192.168.1.10
P:8000
A:100.0.0.1
P:12000
Restricted NAT
A:200.20.0.1
P:20200
A:200.10.0.1
P:20100
A:192.168.1.10
P:8000
A:100.0.0.1
P:12000
Restricted NAT
P:20100
P:20101
A:192.168.1.10
P:8000
A:100.0.0.1
P:12000
Symmetric NAT
P:12000
P:12001
A:192.168.1.10
P:8000
A:100.0.0.1
A:200.20.0.1
P:20200
A:200.10.0.1
P:20100
Symmetric NAT
P:12000
P:12001
A:192.168.1.10
P:8000
A:100.0.0.1
A:200.20.0.1
P:20200
A:200.10.0.1
P:20100
NAT Summary
Full Cone
Dest. Independent
Restricted Cone
Dest. Independent
Dest. Independent
Symmetric
Dest. Dependent
Call Server
End Users
IP Router
192.168.0.1
NAT
Proxy
100.0.0.2
150.0.0.3
UA2
200.0.0.4
192.168.0.1
NAT
Proxy
100.0.0.2
150.0.0.3
UA2
200.0.0.4
IPSRC 192.168.0.1:5060
IPSRC 100.0.0.2:1234
INVITE sip:user@200.0.0.4
Via: SIP/2.0/UDP 192.168.0.1:5060
Contact: user@192.168.0.1
Content-Type: application/sdp
c=IN IP4 192.168.0.1
m=audio 8000 RTP/AVP 4
INVITE sip:user@200.0.0.4
Via: SIP/2.0/UDP 192.168.0.1:5060
Contact: user@192.168.0.1
Content-Type: application/sdp
c=IN IP4 192.168.0.1
m=audio 8000 RTP/AVP 4
192.168.0.1
NAT
Proxy
100.0.0.2
150.0.0.3
UA2
200.0.0.4
IPSRC 192.168.0.1:5060
IPSRC 100.0.0.2:1234
INVITE sip:user@200.0.0.4
Via: SIP/2.0/UDP 192.168.0.1:5060
Contact: user@192.168.0.1
Content-Type: application/sdp
c=IN IP4 192.168.0.1
m=audio 8000 RTP/AVP 4
INVITE sip:user@200.0.0.4
Via: SIP/2.0/UDP 192.168.0.1:5060; \
received:100.0.0.2;rport:1234
Contact: user@192.168.0.1
Content-Type: application/sdp
c=IN IP4 192.168.0.1
m=audio 8000 RTP/AVP 4
192.168.0.1
NAT
Proxy
100.0.0.2
150.0.0.3
UA2
200.0.0.4
IPSRC 100.0.0.2:1234
IPSRC 150.0.0.3:5060
INVITE sip:user@200.0.0.4
Via: SIP/2.0/UDP 192.168.0.1:5060
Contact: user@192.168.0.1
Content-Type: application/sdp
c=IN IP4 192.168.0.1
m=audio 8000 RTP/AVP 4
INVITE sip:user@200.0.0.4
Via: SIP/2.0/UDP 150.0.0.3:5060
Via: SIP/2.0/UDP 192.168.0.1:5060
Contact: user@192.168.0.1
Content-Type: application/sdp
c=IN IP4 192.168.0.1
m=audio 8000 RTP/AVP 4
Signaling traffic
Media Traffic
And more!
Cascading NATs?
UA
NAT + ALG
UA1
192.168.0.1
NAT+ALG
Proxy
100.0.0.2
150.0.0.3
INVITE sip:user@200.0.0.4
Via: SIP/2.0/UDP 192.168.0.1:5060
Contact: user@192.168.0.1
Content-Type: application/sdp
c=IN IP4 192.168.0.1
m=audio 8000 RTP/AVP 4
INVITE sip:user@200.0.0.4
Via: SIP/2.0/UDP 100.0.0.2:1234
Contact: user@100.0.0.2
Content-Type: application/sdp
c=IN IP4 100.0.0.2
m=audio 3456 RTP/AVP 4
UA2
200.0.0.4
STUN
RFC 3489
...
Client
NAT's
STUN server
Public Address Space
NAT
Proxy
150.0.1.3
192.168.0.1
100.0.0.2
150.0.0.3
UA2
200.0.0.4
Client
Unknown NAT
Secondary STUN
Port x
Port y
STUN Test 1
Primary STUN
Port x
Port y
Client
Unknown NAT
Secondary STUN
Port x
Port y
STUN Test 2
Primary STUN
Port x
Port y
Client
Unknown NAT
Secondary STUN
Port x
Port y
STUN Test 3
Primary STUN
Port x
Port y
Client
Unknown NAT
Secondary STUN
Port x
Port y
STUN Test 4
Primary STUN
Port x
Port y
Client
Unknown NAT
Secondary STUN
Port x
Port y
RTP Relay
DeltaThree
RTP Relay
DeltaThree
RTP Relay
DeltaThree
NAT Summary
References